Working with Clusters and Match Rules
Expression
Refer to
Next Match Rule
The
Next Match Rule
field determines the order of processing. For example, if
you were to configure a Match Rule 2 with a
Next Match Rule
parameter of
Match Rule 1, it would be place
before
Match Rule 1 in the order of processing.
Server Pool
The
Server Pool
field determines the server pool to which a match rule applies
its specified conditions and parameters.
Responder
The
Responder
field allows you to specify an automatic responder for client
requests that match this rule when none of the servers selected in the rule are
available. The responder must already be configured. For a description of respon-
ders as well as examples of using responders in match rules, see
.
Spoof
Spoof
causes Equalizer to spoof the client IP address when Equalizer routes a
request to a server in a virtual cluster; that is, the IP address of the
client
is sent
to the server, not the IP address of the Equalizer. This option is on by default. If
you disable this option, the server receiving the request will see the Equalizer’s
address as the client address because the TCP connection to the client is ter-
minated when the request is routed. When spoof is enabled, the server pool in
the cluster must use the Equalizer as the default gateway for routing.
Abort Server
By default, when a client closes a connection, Equalizer waits for a response
from the server before closing the server connection. If this flag is enabled,
Equalizer will not wait for a response before closing the connection to the server;
instead it sends a TCP RST (reset) to the server when the client closes the con-
nection.
Ignore Case
This function always evaluates to
true
, and is intended to be used to apply the
Ignore Case
flag for comparisons when it is
not set
on the cluster. When this
function is ANDed with other functions, it has the effect of forcing case to be
ignored for any comparisons done by the match rule.
Insert Client IP (HTTPS only)
When this flag is enabled, Equalizer inserts an
X-forwarded-for:
header with
the client's IP address into all client requests before they are sent to the server.
This flag is
disabled
by default for HTTP clusters and
enabled
by default for
HTTPS clusters.
Once Only
Limits Equalizer to parsing headers (and executing match rules) for only the
first request of any client making multiple requests across a single TCP con-
nection. This option is off by default: meaning that Equalizer will parse the head-
ers of every client request.
Disable
Enable this flag to disable this match rule without deleting it. This can be useful
when testing new match rules.
TCP Multiplexing
Enables TCP multiplexing for a cluster. TCP multiplexing must also be enabled on
at least one server instance in the server pool assigned to the cluster (or one of
its match rules).
9. The ordering of match rules is important, as they are processed from first to last until one
of them evaluates to
true
, at which time the match body is processed. The initial match
expression of a new rule, any() is one that will always evaluate to
true
, meaning that this
match rule will always be selected. It is good practice to be cautious when adding new
match rules to ensure that all the traffic to a cluster does not get mishandled. Use the
406
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
Summary of Contents for Equalizer GX Series
Page 18: ......
Page 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 42: ......
Page 52: ......
Page 64: ......
Page 72: ......
Page 76: ......
Page 228: ......
Page 238: ......
Page 476: ......
Page 492: ......
Page 530: ......
Page 614: ......
Page 626: ......
Page 638: ......
Page 678: ......
Page 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 754: ......
Page 790: ......
Page 804: ......
Page 842: ......
Page 866: ......